From aeb556f8317cb5affcadafe17cf59242f1822a2a Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 30 Oct 2014 23:21:39 +0000 Subject: [PATCH] Implement internally opaque bn access from srp Reviewed-by: Tim Hudson --- crypto/bn/Makefile | 10 ++++- crypto/{srp/srp_grps.h => bn/bn_srp.c} | 51 ++++++++++++++------------ crypto/include/internal/bn_srp.h | 35 ++++++++++++++++++ crypto/srp/Makefile | 2 +- crypto/srp/srp_lib.c | 18 +-------- 5 files changed, 73 insertions(+), 43 deletions(-) rename crypto/{srp/srp_grps.h => bn/bn_srp.c} (94%) create mode 100644 crypto/include/internal/bn_srp.h diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile index 2f4a81e80c..f0548ed787 100644 --- a/crypto/bn/Makefile +++ b/crypto/bn/Makefile @@ -26,13 +26,13 @@ LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ - bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c + bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c bn_srp.c LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \ - bn_depr.o bn_const.o bn_x931p.o bn_intern.o bn_dh.o + bn_depr.o bn_const.o bn_x931p.o bn_intern.o bn_dh.o bn_srp.o SRC= $(LIBSRC) @@ -409,6 +409,12 @@ bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_sqrt.o: ../include/internal/bn_int.h bn_lcl.h bn_sqrt.c +bn_srp.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +bn_srp.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +bn_srp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_srp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_srp.o: ../../include/openssl/symhacks.h ../include/internal/bn_int.h +bn_srp.o: bn_lcl.h bn_srp.c bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h diff --git a/crypto/srp/srp_grps.h b/crypto/bn/bn_srp.c similarity index 94% rename from crypto/srp/srp_grps.h rename to crypto/bn/bn_srp.c index 5babc40ae2..0a9c2fd78b 100644 --- a/crypto/srp/srp_grps.h +++ b/crypto/bn/bn_srp.c @@ -1,4 +1,20 @@ -/* start of generated data */ +#include "bn_lcl.h" + +#ifndef OPENSSL_NO_SRP + +#if (BN_BYTES == 8) +# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) +# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64) +# elif defined(__arch64__) +# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL) +# else +# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL) +# endif +#elif (BN_BYTES == 4) +# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL) +#else +# error "unsupported BN_BYTES" +#endif static const BN_ULONG bn_group_1024_value[] = { bn_pack4(0x9FC6,0x1D2F,0xC0EB,0x06E3), @@ -18,7 +34,7 @@ static const BN_ULONG bn_group_1024_value[] = { bn_pack4(0x9C33,0xF80A,0xFA8F,0xC5E8), bn_pack4(0xEEAF,0x0AB9,0xADB3,0x8DD6) }; -static const BIGNUM bn_group_1024 = { +const BIGNUM bn_group_1024 = { (BN_ULONG*)bn_group_1024_value, (sizeof bn_group_1024_value)/sizeof(BN_ULONG), (sizeof bn_group_1024_value)/sizeof(BN_ULONG), @@ -52,7 +68,7 @@ static const BN_ULONG bn_group_1536_value[] = { bn_pack4(0xB1F1,0x2A86,0x17A4,0x7BBB), bn_pack4(0x9DEF,0x3CAF,0xB939,0x277A) }; -static const BIGNUM bn_group_1536 = { +const BIGNUM bn_group_1536 = { (BN_ULONG*)bn_group_1536_value, (sizeof bn_group_1536_value)/sizeof(BN_ULONG), (sizeof bn_group_1536_value)/sizeof(BN_ULONG), @@ -94,7 +110,7 @@ static const BN_ULONG bn_group_2048_value[] = { bn_pack4(0xF166,0xDE5E,0x1389,0x582F), bn_pack4(0xAC6B,0xDB41,0x324A,0x9A9B) }; -static const BIGNUM bn_group_2048 = { +const BIGNUM bn_group_2048 = { (BN_ULONG*)bn_group_2048_value, (sizeof bn_group_2048_value)/sizeof(BN_ULONG), (sizeof bn_group_2048_value)/sizeof(BN_ULONG), @@ -152,7 +168,7 @@ static const BN_ULONG bn_group_3072_value[] = { bn_pack4(0xC90F,0xDAA2,0x2168,0xC234), bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF) }; -static const BIGNUM bn_group_3072 = { +const BIGNUM bn_group_3072 = { (BN_ULONG*)bn_group_3072_value, (sizeof bn_group_3072_value)/sizeof(BN_ULONG), (sizeof bn_group_3072_value)/sizeof(BN_ULONG), @@ -226,7 +242,7 @@ static const BN_ULONG bn_group_4096_value[] = { bn_pack4(0xC90F,0xDAA2,0x2168,0xC234), bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF) }; -static const BIGNUM bn_group_4096 = { +const BIGNUM bn_group_4096 = { (BN_ULONG*)bn_group_4096_value, (sizeof bn_group_4096_value)/sizeof(BN_ULONG), (sizeof bn_group_4096_value)/sizeof(BN_ULONG), @@ -332,7 +348,7 @@ static const BN_ULONG bn_group_6144_value[] = { bn_pack4(0xC90F,0xDAA2,0x2168,0xC234), bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF) }; -static const BIGNUM bn_group_6144 = { +const BIGNUM bn_group_6144 = { (BN_ULONG*)bn_group_6144_value, (sizeof bn_group_6144_value)/sizeof(BN_ULONG), (sizeof bn_group_6144_value)/sizeof(BN_ULONG), @@ -470,7 +486,7 @@ static const BN_ULONG bn_group_8192_value[] = { bn_pack4(0xC90F,0xDAA2,0x2168,0xC234), bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF) }; -static const BIGNUM bn_group_8192 = { +const BIGNUM bn_group_8192 = { (BN_ULONG*)bn_group_8192_value, (sizeof bn_group_8192_value)/sizeof(BN_ULONG), (sizeof bn_group_8192_value)/sizeof(BN_ULONG), @@ -479,7 +495,7 @@ static const BIGNUM bn_group_8192 = { }; static const BN_ULONG bn_generator_19_value[] = {19} ; -static const BIGNUM bn_generator_19 = { +const BIGNUM bn_generator_19 = { (BN_ULONG*)bn_generator_19_value, 1, 1, @@ -487,7 +503,7 @@ static const BIGNUM bn_generator_19 = { BN_FLG_STATIC_DATA }; static const BN_ULONG bn_generator_5_value[] = {5} ; -static const BIGNUM bn_generator_5 = { +const BIGNUM bn_generator_5 = { (BN_ULONG*)bn_generator_5_value, 1, 1, @@ -495,7 +511,7 @@ static const BIGNUM bn_generator_5 = { BN_FLG_STATIC_DATA }; static const BN_ULONG bn_generator_2_value[] = {2} ; -static const BIGNUM bn_generator_2 = { +const BIGNUM bn_generator_2 = { (BN_ULONG*)bn_generator_2_value, 1, 1, @@ -503,15 +519,4 @@ static const BIGNUM bn_generator_2 = { BN_FLG_STATIC_DATA }; -static SRP_gN knowngN[] = { - {"8192",(BIGNUM*)&bn_generator_19 , (BIGNUM*)&bn_group_8192}, - {"6144",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_6144}, - {"4096",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_4096}, - {"3072",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_3072}, - {"2048",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_2048}, - {"1536",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1536}, - {"1024",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1024}, -}; -#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN) - -/* end of generated data */ +#endif diff --git a/crypto/include/internal/bn_srp.h b/crypto/include/internal/bn_srp.h new file mode 100644 index 0000000000..e15038a94e --- /dev/null +++ b/crypto/include/internal/bn_srp.h @@ -0,0 +1,35 @@ + +#ifndef OPENSSL_NO_SRP + +extern const BIGNUM bn_group_1024; + +extern const BIGNUM bn_group_1536; + +extern const BIGNUM bn_group_2048; + +extern const BIGNUM bn_group_3072; + +extern const BIGNUM bn_group_4096; + +extern const BIGNUM bn_group_6144; + +extern const BIGNUM bn_group_8192; + +extern const BIGNUM bn_generator_19; + +extern const BIGNUM bn_generator_5; + +extern const BIGNUM bn_generator_2; + +static SRP_gN knowngN[] = { + {"8192",(BIGNUM*)&bn_generator_19 , (BIGNUM*)&bn_group_8192}, + {"6144",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_6144}, + {"4096",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_4096}, + {"3072",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_3072}, + {"2048",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_2048}, + {"1536",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1536}, + {"1024",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1024}, +}; +#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN) + +#endif diff --git a/crypto/srp/Makefile b/crypto/srp/Makefile index 9e1d8fe5cb..0c37ec7da7 100644 --- a/crypto/srp/Makefile +++ b/crypto/srp/Makefile @@ -82,7 +82,7 @@ srp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h srp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h srp_lib.o: ../../include/openssl/sha.h ../../include/openssl/srp.h srp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -srp_lib.o: ../cryptlib.h srp_grps.h srp_lcl.h srp_lib.c +srp_lib.o: ../cryptlib.h ../include/internal/bn_srp.h srp_lcl.h srp_lib.c srp_vfy.o: ../../e_os.h ../../include/openssl/asn1.h srp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/bn.h srp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c index d2c237e960..71492f3cef 100644 --- a/crypto/srp/srp_lib.c +++ b/crypto/srp/srp_lib.c @@ -61,23 +61,7 @@ #include "srp_lcl.h" #include #include - -#if (BN_BYTES == 8) -# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) -# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64) -# elif defined(__arch64__) -# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL) -# else -# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL) -# endif -#elif (BN_BYTES == 4) -# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL) -#else -# error "unsupported BN_BYTES" -#endif - - -#include "srp_grps.h" +#include "internal/bn_srp.h" static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) {